CVE-2017-18358

LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later (aka Resume later) feature to enter an email address, which is mishandled in the admin panel.

Source: CVE-2017-18358

CVE-2018-20713

Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404.

Source: CVE-2018-20713

CVE-2018-20714

The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.

Source: CVE-2018-20714

CVE-2017-18357

Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.

Source: CVE-2017-18357

CVE-2018-20716

CubeCart before 6.1.13 has SQL Injection via the validate[] parameter of the "I forgot my Password!" feature.

Source: CVE-2018-20716

CVE-2018-20715

The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL injection via the oxid or synchoxid parameter to the oxConfig::getRequestParameter() method in core/oxconfig.php.

Source: CVE-2018-20715

CVE-2018-20718

In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link.

Source: CVE-2018-20718

CVE-2018-20717

In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to gain Remote Code Execution. This occurs because protection against serialized objects looks for a 0: followed by an integer, but does not consider 0:+ followed by an integer.

Source: CVE-2018-20717

CVE-2019-3811

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return ‘/’ (the root directory) instead of ” (the empty string / no home directory). This could impact services that restrict the user’s filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.

Source: CVE-2019-3811

CVE-2019-6295

Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.

Source: CVE-2019-6295